[PATCH master 2/2] scripts: common.h: define loff_t on musl

Target tool build against musl fails, because loff_t is undefined, despite _GNU_SOURCE being defined. This is because glibc defines loff_t via , but musl defines loff_t only in fcntl.h and the latter file isn't included beforehand in imx-usb-loader-target.c. Add the missing include to and includ

[PATCH master 1/2] scripts: define _GNU_SOURCE for every user tool build

Defining _GNU_SOURCE via userccflags (for target tools) and KBUILD_HOSTCFLAGS (for host tools) works, but needs to be repeated in subdirectories like i.MX as well. As we make ample use of the asprintf GNU extension anyway, let's just define it in the top-level makefile for build of all user code.

Re: [PATCH] scripts: include: rename printk.h to printf.h

Hello Sascha, On 07.02.25 09:27, Sascha Hauer wrote: > > On Wed, 05 Feb 2025 11:25:49 +0100, Jules Maselbas wrote: >> The include scripts/include/asm-generic/bug.h relied on a printk.h >> compatible header which is located in the scripts/include/ and was >> not updated when printk.h was renamed t

Re: [PATCH 5/5] CVE-2025-26721: fs: pstore: fix malloc(size + constant) buffer overflow issues

On 19.02.25 15:18, Sascha Hauer wrote: > The pattern malloc(size + constant) is dangerous when size can be > manipulated by an attacker. In that case 'size' can be manipulated > in a way that 'size + constant' is 0 due to integer overflow. The > result is a zero sized buffer to which is then data w

Re: [PATCH 4/5] CVE-2025-26725: fs: jffs2: fix malloc(size + constant) buffer overflow issues

Hi Sascha, On 19.02.25 15:18, Sascha Hauer wrote: > The pattern malloc(size + constant) is dangerous when size can be > manipulated by an attacker. In that case 'size' can be manipulated > in a way that 'size + constant' is 0 due to integer overflow. The > result is a zero sized buffer to which is

Re: [PATCH 3/5] CVE-2025-26723: fs: ext4: fix malloc(size + constant) buffer overflow issues

On 19.02.25 15:18, Sascha Hauer wrote: > The pattern malloc(size + constant) is dangerous when size can be > manipulated by an attacker. In that case 'size' can be manipulated > in a way that 'size + constant' is 0 due to integer overflow. The > result is a zero sized buffer to which is then data w

Re: [PATCH 2/5] CVE-2025-26724: fs: cramfs: fix malloc(size + constant) buffer overflow issues

On 19.02.25 15:18, Sascha Hauer wrote: > The pattern malloc(size + constant) is dangerous when size can be > manipulated by an attacker. In that case 'size' can be manipulated > in a way that 'size + constant' is 0 due to integer overflow. The > result is a zero sized buffer to which is then data w

[PATCH 1/5] CVE-2025-26722: fs: squashfs: Ensure positive inode length

In squashfs_get_link() we have: int length = min_t(int, i_size_read(inode), PAGE_SIZE); The inode size is a 64bit number directly read from the device which is interpreted as a 32bit signed number above. An inode size with the lower 32bits set to 0x results in length being -1. Lat

Re: [PATCH 1/5] CVE-2025-26722: fs: squashfs: Ensure positive inode length

On 19.02.25 15:18, Sascha Hauer wrote: > In squashfs_get_link() we have: > > int length = min_t(int, i_size_read(inode), PAGE_SIZE); > > The inode size is a 64bit number directly read from the device which > is interpreted as a 32bit signed number above. An inode size with the > lower 32bit

Re: [PATCH 0/5] Filesystem memory corruption fixes

On 19.02.25 15:18, Sascha Hauer wrote: > These are some fixes for memory corruptions that can occur on corrupted > or manipulated filesystems. > > In case you use one of the affected filesystems in a secure boot chain > you should apply these patches. > > Normally you shouldn't use a barebox file

[PATCH 5/5] CVE-2025-26721: fs: pstore: fix malloc(size + constant) buffer overflow issues

The pattern malloc(size + constant) is dangerous when size can be manipulated by an attacker. In that case 'size' can be manipulated in a way that 'size + constant' is 0 due to integer overflow. The result is a zero sized buffer to which is then data written to. Avoid this by using struct_size() i

[PATCH 2/5] CVE-2025-26724: fs: cramfs: fix malloc(size + constant) buffer overflow issues

The pattern malloc(size + constant) is dangerous when size can be manipulated by an attacker. In that case 'size' can be manipulated in a way that 'size + constant' is 0 due to integer overflow. The result is a zero sized buffer to which is then data written to. Avoid this by using size_add() inst

[PATCH 4/5] CVE-2025-26725: fs: jffs2: fix malloc(size + constant) buffer overflow issues

The pattern malloc(size + constant) is dangerous when size can be manipulated by an attacker. In that case 'size' can be manipulated in a way that 'size + constant' is 0 due to integer overflow. The result is a zero sized buffer to which is then data written to. Avoid this by using size_add() and

[PATCH 3/5] CVE-2025-26723: fs: ext4: fix malloc(size + constant) buffer overflow issues

The pattern malloc(size + constant) is dangerous when size can be manipulated by an attacker. In that case 'size' can be manipulated in a way that 'size + constant' is 0 due to integer overflow. The result is a zero sized buffer to which is then data written to. Avoid this by using size_add() inst

[PATCH 0/5] Filesystem memory corruption fixes

These are some fixes for memory corruptions that can occur on corrupted or manipulated filesystems. In case you use one of the affected filesystems in a secure boot chain you should apply these patches. Normally you shouldn't use a barebox filesystem in a secure boot chain, but instead use FIT im

Re: [PATCH v2 10/10] ARM: socfpga: add Arrow AXE5 Agilex5 board

On Tue, Feb 18, 2025 at 10:21:35AM +0100, Steffen Trumtrar wrote: > diff --git a/arch/arm/boards/arrow-axe5-eagle/lowlevel.c > b/arch/arm/boards/arrow-axe5-eagle/lowlevel.c > new file mode 100644 > index > ..b736ca643f86b031dc070baf62f15a4a09e5aaba > --- /d

Re: [PATCH v2 09/10] net: add support for Designware XGMAC (10gb) ethernet

On Tue, Feb 18, 2025 at 10:21:34AM +0100, Steffen Trumtrar wrote: > The Designware XGMAC is designed for 1/2.5/5/10G ethernet applications. > It is mostly identical to the eqos driver but has a different register > layout. > > Signed-off-by: Steffen Trumtrar > --- > drivers/net/Kconfig

Re: [PATCH v2 07/10] clk: socfpga: add agilex5 clock support

On Tue, Feb 18, 2025 at 10:21:32AM +0100, Steffen Trumtrar wrote: > Add support for the Stratix10 and Agilex5 pll,gate and periph clocks. > > Only tested on Agilex5. > > Signed-off-by: Steffen Trumtrar > --- > drivers/clk/socfpga/Makefile | 4 +- > drivers/clk/socfpga/clk-agilex5.c

Re: [PATCH v2 08/10] net: phy: add Analog Devices ADIN1300

On Tue, Feb 18, 2025 at 10:21:33AM +0100, Steffen Trumtrar wrote: > The Analog Devices ADIN1300 is a low power 10Mbps,100Mbps, and 1Gbps > ethernet phy. > (https://www.analog.com/media/en/technical-documentation/data-sheets/adin1300.pdf) Where is this driver from? Can you add a reference to the co

Re: [PATCH 1/2] ARM: i.MX6: Enable PBL_VERIFY_PIGGY with HABV4 support

On Wed, Feb 19, 2025 at 11:43:29AM +0100, Marco Felsch wrote: > Hi Sascha, > > On 25-02-18, Sascha Hauer wrote: > > Some i.MX6 configurations use the xload mechanism. With this the ROM > > only loads and verifies the PBL. The PBL will then load barebox proper. > > Without verification the barebox

Re: [PATCH 1/2] ARM: i.MX6: Enable PBL_VERIFY_PIGGY with HABV4 support

Hi Sascha, On 25-02-18, Sascha Hauer wrote: > Some i.MX6 configurations use the xload mechanism. With this the ROM > only loads and verifies the PBL. The PBL will then load barebox proper. > Without verification the barebox proper binary is untrusted and could be > modified. Select PBL_VERIFY_PIGG